add link validator

astro.config.mjs

@@ -2,6 +2,7 @@
 import { defineConfig, envField } from 'astro/config';
 import starlight from '@astrojs/starlight';
 import starlightUtils from '@lorenzo_lewis/starlight-utils';
+import starlightLinksValidator from 'starlight-links-validator'
 
 import markdoc from '@astrojs/markdoc';
 
@@ -60,6 +61,10 @@ export default defineConfig({
         alt: 'LocalStack',
       },
       plugins: [
+        starlightLinksValidator({
+          errorOnRelativeLinks: false,
+          errorOnLocalLinks: false,
+        }),
         starlightUtils({
           multiSidebar: {
             switcherStyle: 'dropdown',

package.json

@@ -28,6 +28,7 @@
     "react": "^19.1.0",
     "react-dom": "^19.1.0",
     "sharp": "^0.32.5",
+    "starlight-links-validator": "^0.17.0",
     "tailwind-merge": "^3.2.0",
     "tailwindcss": "^4.1.6"
   },

src/content/docs/aws/capabilities/cloud-sandbox/app-preview.md

@@ -110,4 +110,4 @@ preview-cmd: |
 
 ## Examples
 
-- [Creating ephemeral application previews with LocalStack and GitHub Actions](/aws/tutorials/ephemeral-application-previews/) and the [example repository](https://github.com/localstack-samples/sample-notes-app-dynamodb-lambda-apigateway)
+- [Creating ephemeral application previews with LocalStack and GitHub Actions]() and the [example repository](https://github.com/localstack-samples/sample-notes-app-dynamodb-lambda-apigateway)

src/content/docs/aws/capabilities/config/configuration.md

@@ -31,7 +31,7 @@ Options that affect the core LocalStack system.
 | `GATEWAY_LISTEN`| `0.0.0.0:4566` (default in Docker mode) `127.0.0.1:4566` (default in host mode) | Configures the bind addresses of LocalStack. It has the form `<ip address>:<port>(,<ip address>:<port>)*`. LocalStack Pro adds port `443`. |
 | `LOCALSTACK_HOST`| `localhost.localstack.cloud:4566` (default) | This is interpolated into URLs and addresses that are returned by LocalStack. It has the form `<hostname>:<port>`. |
 | `USE_SSL` | `0` (default) | Whether to return URLs using HTTP (`0`) or HTTPS (`1`). Changed with 3.0.0. In earlier versions this was toggling SSL support on or off. |
-| `PERSISTENCE` | `0` (default) | Enable persistence. See [Persistence Mechanism](/aws/capabilities/state-management/persistence) and [Filesystem Layout](/aws/capabilities/config/filesystem-layout). |
+| `PERSISTENCE` | `0` (default) | Enable persistence. See [Persistence Mechanism](/aws/capabilities/state-management/persistence) and [Filesystem Layout](/aws/capabilities/config/filesystem). |
 | `MAIN_CONTAINER_NAME` | `localstack-main` (default) | Specify the main docker container name |
 | `LS_LOG` | `trace`, `trace-internal`, `debug`, `info`, `warn`, `error`, `warning`| Specify the log level. Currently overrides the `DEBUG` configuration. `trace` for detailed request/response, `trace-internal` for internal calls, too. |
 | `EXTERNAL_SERVICE_PORTS_START` | `4510` (default) | Start of the [External Service Port Range](/aws/capabilities/networking/external-port-range) (inclusive). |
@@ -47,7 +47,7 @@ These options are applicable when using the CLI to start LocalStack.
 
 | Variable | Example Values | Description |
 | - | - | - |
-| `LOCALSTACK_VOLUME_DIR` | `~/.cache/localstack/volume` (on Linux) | The location on the host of the LocalStack volume directory mount. See [Filesystem Layout](/aws/capabilities/config/filesystem-layout#using-the-cli) |
+| `LOCALSTACK_VOLUME_DIR` | `~/.cache/localstack/volume` (on Linux) | The location on the host of the LocalStack volume directory mount. See [Filesystem Layout](/aws/capabilities/config/filesystem#using-the-cli) |
 | `CONFIG_PROFILE` | | The configuration profile to load. See [Profiles](#profiles) |
 | `CONFIG_DIR` | `~/.localstack` | The path where LocalStack can find configuration profiles and other CLI-specific configuration |
 
@@ -226,7 +226,7 @@ Also see [OpenSearch configuration variables](#opensearch) which are used to man
 | Variable | Example Values | Description |
 | - | - | - |
 | `ENFORCE_IAM` (pro) | `0` (default)\|`1` | Enable IAM policy evaluation and enforcement. If this is disabled (the default), IAM policies will have no effect to your requests. |
-| `IAM_SOFT_MODE` (pro) | `0` (default)\|`1` | Enable IAM soft mode. This leads to policy evaluation without actually denying access. Needs `ENFORCE_IAM` enabled as well. For more information, see [Identity and Access Management](/aws/servicesiam).|
+| `IAM_SOFT_MODE` (pro) | `0` (default)\|`1` | Enable IAM soft mode. This leads to policy evaluation without actually denying access. Needs `ENFORCE_IAM` enabled as well. For more information, see [Identity and Access Management](/aws/services/iam).|
 
 ### Kinesis
 
@@ -252,7 +252,7 @@ Please consult the [migration guide](/aws/services/lambda#migrating-to-lambda-v2
 | `BUCKET_MARKER_LOCAL` | `hot-reload` (default) | Magic S3 bucket name for [Hot Reloading](/aws/tooling/lambda-tools/hot-reloading). The S3Key points to the source code on the local file system. |
 | `HOSTNAME_FROM_LAMBDA` | `localstack` | Endpoint host under which APIs are accessible from Lambda containers (optional). This can be useful in docker-compose stacks to use the local container hostname if neither IP address nor container name of the main container are available (e.g., in CI). Often used in combination with `LAMBDA_DOCKER_NETWORK`.|
 | `LAMBDA_DISABLE_AWS_ENDPOINT_URL` | `0` (default) \| `1` | Whether to disable injecting the environment variable `AWS_ENDPOINT_URL`, which automatically configures [supported AWS SDKs](https://docs.aws.amazon.com/sdkref/latest/guide/feature-ss-endpoints.html). |
-| `LAMBDA_DISABLE_JAVA_SDK_V2_CERTIFICATE_VALIDATION` | `1` (default) | Whether to disable the certificate name validation for [AWS Java SDK v2](https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/home.html) calls when using [transparent endpoint injection](/aws/tooling/transparent-endpoint-injection).|
+| `LAMBDA_DISABLE_JAVA_SDK_V2_CERTIFICATE_VALIDATION` | `1` (default) | Whether to disable the certificate name validation for [AWS Java SDK v2](https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/home.html) calls when using [transparent endpoint injection](/aws/capabilities/networking/transparent-endpoint-injection).|
 | `LAMBDA_DOCKER_DNS` | `""` (default) | Optional custom DNS server for the container running your Lambda function. Overwrites the default LocalStack [DNS Server](/aws/tooling/dns-server). Hence, resolving `localhost.localstack.cloud` requires additional configuration. |
 | `LAMBDA_DOCKER_FLAGS` | `-e KEY=VALUE`, `-v host:container`, `-p host:container`, `--add-host domain:ip` | Additional flags passed to Docker `run`\|`create` commands. Supports environment variables (also with `--env-file`, but the file has to be mounted into the LocalStack container), ports, volume mounts, extra hosts, networks, DNS servers, labels, ulimits, user, platform, and privileged mode. The `--env-file` argument for Docker `run` and Docker Compose have different feature sets. To provide both, we support the `--env-file` for environment files with the docker run syntax, while `--compose-env-file` supports the full docker compose features, like placeholders with `${}`, replacing quotes, etc. |
 | `LAMBDA_DOCKER_NETWORK` | `bridge` (Docker default) | [Docker network driver](https://docs.docker.com/network/) for the Lambda and ECS containers. Needs to be set to the network the LocalStack container is connected to. Limitation: `host` mode currently not supported. |
@@ -310,7 +310,7 @@ Please consult the [migration guide](/aws/services/lambda#migrating-to-lambda-v2
 | - | - | - |
 | `OPENSEARCH_CUSTOM_BACKEND` | `http://opensearch:9200` | URL to a custom OpenSearch backend cluster. If this is set to a valid URL, then LocalStack will not create OpenSearch cluster instances, but instead forward all domains to the given backend (see [Custom Opensearch Backends](/aws/services/opensearch#custom-opensearch-backends). |
 | `OPENSEARCH_MULTI_CLUSTER` | `1`\| `0` | When activated, LocalStack will spawn one OpenSearch cluster per domain. Otherwise all domains will share a single cluster instance. This is ignored if `OPENSEARCH_CUSTOM_BACKEND` is set. |
-| `OPENSEARCH_ENDPOINT_STRATEGY` | `path`\|`domain`\|`port` | Governs how domain endpoints are created to access a cluster (see [Opensearch Endpoints](/aws/services/opensearch#endpoints)). |
+| `OPENSEARCH_ENDPOINT_STRATEGY` | `path`\|`domain`\|`port` | Governs how domain endpoints are created to access a cluster (see [Opensearch Endpoints](/aws/services/opensearch#domain-endpoints)). |
 | `SKIP_INFRA_DOWNLOADS` | `1` \| `0` (default) | **Deprecated since 1.3.0** Whether to skip downloading additional infrastructure components (e.g., specific Elasticsearch versions) |
 | `IGNORE_OS_DOWNLOAD_ERRORS` | `0`\|`1` | Whether to ignore errors (e.g., network/SSL) when downloading OpenSearch plugins |
 
@@ -345,8 +345,8 @@ Please consult the [migration guide](/aws/services/lambda#migrating-to-lambda-v2
 | - | - | - |
 | `SQS_DELAY_PURGE_RETRY` | `0` (default) | Used to toggle PurgeQueueInProgress errors when making more than one PurgeQueue call within 60 seconds. |
 | `SQS_DELAY_RECENTLY_DELETED` | `0` (default) | Used to toggle QueueDeletedRecently errors when re-creating a queue within 60 seconds of deleting it. |
-| `SQS_ENABLE_MESSAGE_RETENTION_PERIOD`| `0` (default) \| `1` | Used to toggle the MessageRetentionPeriod feature (see [Enabling `MessageRetentionPeriod`](/aws/sqs/#enabling-messageretentionperiod) |
-| `SQS_ENDPOINT_STRATEGY`| `standard` (default) \| `domain` \| `path` \| `off` | Configures the format of Queue URLs (see [SQS Queue URLs](/aws/sqs/#queue-urls) |
+| `SQS_ENABLE_MESSAGE_RETENTION_PERIOD`| `0` (default) \| `1` | Used to toggle the MessageRetentionPeriod feature (see [Enabling `MessageRetentionPeriod`](/aws/services/sqs/#enabling-messageretentionperiod) |
+| `SQS_ENDPOINT_STRATEGY`| `standard` (default) \| `domain` \| `path` \| `off` | Configures the format of Queue URLs (see [SQS Queue URLs](/aws/services/sqs/#queue-urls) |
 | `SQS_DISABLE_CLOUDWATCH_METRICS` | `0` (default) | Disables the CloudWatch Metrics for SQS when set to `1` |
 | `SQS_CLOUDWATCH_METRICS_REPORT_INTERVAL` | `60` (default) | Configures the report interval (in seconds) for `Approximate*` metrics that are sent to CloudWatch periodically. Sending will be disabled if `SQS_DISABLE_CLOUDWATCH_METRICS=1` |
 
@@ -449,7 +449,7 @@ To learn more about these configuration options, see [DNS Server](/aws/tooling/d
 
 | Variable | Example Values | Description |
 | - | - | - |
-| `DISABLE_TRANSPARENT_ENDPOINT_INJECTION` | `0` (default in Pro) \| `1` | Whether to disable DNS resolution of AWS hostnames to the LocalStack container. Pro feature. (see [Transparent Endpoint Injection](/aws/tooling/transparent-endpoint-injection))
+| `DISABLE_TRANSPARENT_ENDPOINT_INJECTION` | `0` (default in Pro) \| `1` | Whether to disable DNS resolution of AWS hostnames to the LocalStack container. Pro feature. (see [Transparent Endpoint Injection](/aws/capabilities/networking/transparent-endpoint-injection))
 
 ## LocalStack Pro
 
@@ -515,7 +515,7 @@ These configurations have already been removed and **won't have any effect** on
 | `DISABLE_TERM_HANDLER` | 2.0.0 | `""` (default) \| `1` | Whether to disable signal passing to LocalStack when running in docker. Enabling this will prevent an orderly shutdown when running inside LS in docker. Setting this to anything else than an empty string will disable it.
 | `HOST_TMP_FOLDER` | 2.0.0 | `/some/path` |  Temporary folder on the host that gets mounted as `$TMPDIR/localstack` into the LocalStack container. Required only for Lambda volume mounts when using `LAMBDA_REMOTE_DOCKER=false.` |
 | `INIT_SCRIPTS_PATH` | 2.0.0 | `/some/path` | Before 1.0, this was used to configure the path to the initializing files with extensions `.sh` that were found in `/docker-entrypoint-initaws.d`. This has been replaced by the [init-hook system](/aws/capabilities/config/initialization-hooks/). |
-| `LEGACY_DIRECTORIES` | 2.0.0 | `0` (default) | Use legacy method of managing internal filesystem layout. See [Filesystem Layout](/aws/capabilities/config/filesystem-layout). |
+| `LEGACY_DIRECTORIES` | 2.0.0 | `0` (default) | Use legacy method of managing internal filesystem layout. See [Filesystem Layout](/aws/capabilities/config/filesystem). |
 | `LEGACY_INIT_DIR` | 2.0.0 | `1` \| `0`(default) | Used with `INIT_SCRIPTS_PATH`. This has been replaced by the [init-hook system](/aws/capabilities/config/initialization-hooks). |
 | `MULTI_ACCOUNTS` | 2.0.0 | `0` (default) | Enable multi-accounts (preview) |
 | `SQS_PROVIDER` | 2.0.0 |  `moto` (default) and `elasticmq` | |

src/content/docs/aws/capabilities/config/initialization-hooks.mdx

@@ -230,7 +230,7 @@ The logs should show something like:
 2024-06-26T20:36:26.864 DEBUG --- [ady_monitor)] localstack.utils.run       : Executing command: ['tflocal', '-chdir=/etc/localstack/init/ready.d', 'apply', '-auto-approve']
 ```
 
-For a more complex demo project, on how to use Terraform init hooks for your testing environments, you can check out [this example](/aws/tutorials/using-terraform-with-testcontainers-and-localstack/) in the Tutorials section.
+For a more complex demo project, on how to use Terraform init hooks for your testing environments, you can check out [this example]() in the Tutorials section.
 
 ## Troubleshooting
 

src/content/docs/aws/capabilities/config/internal-endpoints.md

@@ -33,4 +33,4 @@ curl -v --request POST --header "Content-Type: application/json"  --data '{"acti
 
 The API path for the AWS internal resources is `/_aws`.
 These endpoints offer LocalStack-specific features in addition to the ones offered by the AWS services.
-For instance, `/aws/sqs/messages` conveniently access all messages within a SQS queue, without deleting them.
+For instance, `/aws/services/sqs/messages` conveniently access all messages within a SQS queue, without deleting them.

src/content/docs/aws/capabilities/event-studio.md

@@ -89,7 +89,7 @@ This is essential for effectively debugging complex event-driven architectures.
 The following services are supported on Event Studio:
 
 - [S3](https://docs.localstack.cloud/user-guide/aws/s3/)
-- [SQS](https://docs.localstack.cloud/user-guide/aws/sqs/)
+- [SQS](https://docs.localstack.cloud/user-guide/aws/services/sqs/)
 - [SNS](https://docs.localstack.cloud/user-guide/aws/sns/)
 - [DynamoDB](https://docs.localstack.cloud/user-guide/aws/dynamodb/)
 - [Lambda](https://docs.localstack.cloud/user-guide/aws/lambda/)

src/content/docs/aws/capabilities/networking/external-port-range.mdx

@@ -18,13 +18,13 @@ This documentation discusses two approaches to access these external services wi
 LocalStack offers a proxy functionality to access external services indirectly.
 In this approach, LocalStack assigns local domains to the external services based on the individual service's configuration.
 
-For instance, if OpenSearch is configured to use the [`OPENSEARCH_ENDPOINT_STRATEGY=domain`](/aws/services/opensearch#endpoints) setting, a cluster can be reached using the domain name `<domain-name>.<region>.<engine-type>.localhost.localstack.cloud`.
+For instance, if OpenSearch is configured to use the [`OPENSEARCH_ENDPOINT_STRATEGY=domain`](/aws/services/opensearch#domain-endpoints) setting, a cluster can be reached using the domain name `<domain-name>.<region>.<engine-type>.localhost.localstack.cloud`.
 Incoming messages to these domains are relayed to servers running on ports that do not require external accessibility.
 
 ## Direct Access with External Service Port Range
 
 An alternative approach to accessing external services is by utilizing the _external service port range_.
-This method, applicable to services like OpenSearch, is activated using the [`OPENSEARCH_ENDPOINT_STRATEGY=port`](/aws/services/opensearch#endpoints) configuration.
+This method, applicable to services like OpenSearch, is activated using the [`OPENSEARCH_ENDPOINT_STRATEGY=port`](/aws/services/opensearch#domain-endpoints) configuration.
 The external service port range is pre-defined and set to `4510-4559` by default.
 
 When a LocalStack service starts an external service, it automatically selects an available port from within the specified range.

src/content/docs/aws/capabilities/networking/internal-endpoints.md

@@ -35,4 +35,4 @@ $ curl -v --request POST --header "Content-Type: application/json"  --data '{"ac
 
 The API path for the AWS internal resources is `/_aws`.
 These endpoints offer LocalStack-specific features in addition to the ones offered by the AWS services.
-For instance, `/aws/sqs/messages` conveniently access all messages within a SQS queue, without deleting them.
+For instance, `/aws/services/sqs/messages` conveniently access all messages within a SQS queue, without deleting them.

src/content/docs/aws/capabilities/networking/transparent-endpoint-injection.md

@@ -58,7 +58,7 @@ If Transparent Endpoint Injection is _not_ used, the AWS SDK within Lambda funct
 Transparent Endpoint Injection is only available in LocalStack Pro.
 
 Alternatively, specific AWS endpoints can be resolved to AWS while continuing to use Transparent Endpoint Injection.
-Refer to the [DNS server configuration](/aws/tooling/dns-server#configuration) for skipping selected domain name patterns.
+Refer to the [DNS server configuration](/aws/tooling/dns-server#system-dns-configuration) for skipping selected domain name patterns.
 
 :::danger
 Use this configuration with caution because we generally do not recommend connecting to real AWS from within LocalStack.

src/content/docs/aws/capabilities/security-testing/custom-tls-certificates.mdx

@@ -18,8 +18,8 @@ You may see errors in the logs relating to TLS such as "unable to get local issu
 There are three options when running LocalStack:
 
 1. [creating a custom Docker image](#creating-a-custom-docker-image),
-2. [using init hooks](#custom-ssl-certificates-with-init-hooks) or
-3. [when running in host mode](#custom-ssl-certificates-with-host-mode).
+2. [using init hooks](#custom-tls-certificates-with-init-hooks) or
+3. [when running in host mode](#custom-tls-certificates-with-host-mode).
 
 They all can be summarised as: